package com.zenithsun.common.security.xss;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/**
 * 请求过滤，对请求参数进行过滤、验证、转义等   XSS,CRLF漏洞
 * @author Jiang
 *
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
	HttpServletRequest orgRequest = null;

	public XssHttpServletRequestWrapper(HttpServletRequest request) {

		super(request);
		orgRequest = request;
	}

	/**
	 * 覆盖getParameter方法，将参数名和参数值都做xss过滤。<br/>
	 * 如果需要获得原始的值，则通过super.getParameterValues(name)来获取<br/>
	 * getParameterNames,getParameterValues和getParameterMap也可能需要覆盖
	 */
	@Override
	public String getParameter(String name) {
		String value = super.getParameter(xssEncode(name));
		if (value != null) {
			value = xssEncode(value);
		}
		return value;
	}

	@Override
	public String[] getParameterValues(String parameter) {
		String[] values = super.getParameterValues(xssEncode(parameter));
		if (values == null) {
			return null;
		}
		int count = values.length;
		String[] encodedValues = new String[count];
		for (int i = 0; i < count; i++) {
			if (values[i] == null) {
				encodedValues[i] = values[i];
			} else {
				encodedValues[i] = xssEncode(values[i]);
			}
		}
		return encodedValues;

	}

	/**
	 * 覆盖getHeader方法，将参数名和参数值都做xss过滤。<br/>
	 * 如果需要获得原始的值，则通过super.getHeaders(name)来获取<br/>
	 * getHeaderNames 也可能需要覆盖
	 */
	@Override
	public String getHeader(String name) {

		String value = super.getHeader(xssEncode(name));
		if (value != null) {
			value = xssEncode(value);
		}
		return value;
	}

	/**
	 * 将容易引起xss漏洞的字符直接替换
	 * 
	 * @param s
	 * @return
	 */
	private static String xssEncode(String s) {
		if (s == null || s.isEmpty()) {
			return s;
		}
		//处理 orderBy 参数
		if(s.equals("orderBy")){
			//a-z A-Z 0-9 _  数字字母下划线
			if(!Pattern.compile("^[a-zA-Z0-9_]+$", Pattern.CASE_INSENSITIVE).matcher(s).find()){
				//强制抛出异常
				Integer.parseInt("ERROR");
			}
		}
		StringBuilder sb = new StringBuilder(s.length() + 16);
		for (int i = 0; i < s.length(); i++) {
			char c = s.charAt(i);
			switch (c) {
			case '<':
				sb.append("&lt;");
				break;
			case '>':
				sb.append("&gt;");
				break;
			
			default:
				sb.append(c);
				break;
			}
		}
		String result = sb.toString().replaceAll("(\r\n|\r|\n|\n\r)", "");  
		return result;

		// s = s.replaceAll("<", "& lt;").replaceAll(">", "& gt;");
		// s = s.replaceAll("\\(", "& #40;").replaceAll("\\)", "& #41;");
		// s = s.replaceAll("'", "& #39;");
		// s = s.replaceAll("eval\\((.*)\\)", "");
		// s = s.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']",
		// "\"\"");
		// //s = s.replaceAll("script", "");
		// return s;
	}

	/**
	 * 获取最原始的request
	 * 
	 * @return
	 */
	public HttpServletRequest getOrgRequest() {
		return orgRequest;
	}

	/**
	 * 获取最原始的request的静态方法
	 * 
	 * @return
	 */
	public static HttpServletRequest getOrgRequest(HttpServletRequest req) {
		if (req instanceof XssHttpServletRequestWrapper) {
			return ((XssHttpServletRequestWrapper) req).getOrgRequest();
		}

		return req;
	}
}